<?php
/*

Cakephp 2.x User Management Premium Version
Copyright (c) 2012 EktaSoftwares
Website- http://EktaSoftwares.com/
Demo- http://umpremium.ektasoftwares.com/

UMPremium is a copyrighted work of authorship. EktaSoftwares
retains ownership of the product and any copies of it, regardless of the
form in which the copies may exist. This license is not a sale of the
original product or any copies.

By installing and using UMPremium on your server, you agree to the following
terms and conditions. Such agreement is either on your own behalf or on behalf
of any corporate entity which employs you or which you represent
('Corporate Licensee'). In this Agreement, 'you' includes both the reader
and any Corporate Licensee and EktaSoftwares.Com

The Product is licensed only to you. You may not rent, lease, sublicense, sell,
assign, pledge, transfer or otherwise dispose of the Product in any form, on
a temporary or permanent basis, without the prior written consent of EktaSoftwares.

The Product source code may be altered (at your risk)

All Product copyright notices within the scripts must remain unchanged (and visible).

If any of the terms of this Agreement are violated, EktaSoftwares reserves the right
to action against you.

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Product.

THE PRODUCT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE PRODUCT OR THE USE OR OTHER DEALINGS IN
THE PRODUCT.

*/

App::uses('UserMgmtAppController', 'Usermgmt.Controller');
class UsersController extends UserMgmtAppController {
	/**
	 * This controller uses following models
	 *
	 * @var array
	 */
	public $uses = array('Usermgmt.User', 'Usermgmt.UserGroup', 'Usermgmt.UserSetting', 'Usermgmt.TmpEmail', 'Usermgmt.UserDetail', 'Usermgmt.UserActivity', 'Usermgmt.LoginToken');
	/**
	 * This controller uses following components
	 *
	 * @var array
	 */
	public $components = array('Usermgmt.UserConnect', 'Cookie');
	/**
	 * This controller uses following default pagination values
	 *
	 * @var array
	 */
	public $paginate = array(
		'limit' => 25
	);

	/**
	 * Called before the controller action.  You can use this method to configure and customize components
	 * or perform logic that needs to happen before each controller action.
	 *
	 * @return void
	 */
	public function beforeFilter() {
		parent::beforeFilter();
		$this->User->userAuth=$this->UserAuth;
	}
	/**
	 * Used to display all users by Admin
	 *
	 * @access public
	 * @return array
	 */
	public function index() {
		$this->User->unbindModel( array('hasMany' => array('LoginToken')));
		$this->paginate = array('limit' => 10, 'order'=>'User.id desc');
		$users = $this->paginate('User');
		$this->set('users', $users);
	}
	/**
	 * Used to display all online users by Admin
	 *
	 * @access public
	 * @return array
	 */
	public function online() {
		//$this->User->unbindModel( array('hasMany' => array('LoginToken')));
		$this->paginate = array('limit' => 25, 'order'=>'UserActivity.modified desc', 'conditions'=>array('UserActivity.modified >'=>(date('Y-m-d G:i:s', strtotime('-'.VIEW_ONLINE_USER_TIME.' minutes', time()))), 'UserActivity.logout'=>0));
		$users = $this->paginate('UserActivity');
		$this->set('users', $users);
	}
	/**
	 * Used to display detail of user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return array
	 */
	public function viewUser($userId=null) {
		if (!empty($userId)) {
			$user = $this->User->read(null, $userId);
			if(empty($user)) {
				$this->redirect('/allUsers');
			}
			$this->set('user', $user);
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to display detail of user by user
	 *
	 * @access public
	 * @return array
	 */
	public function myprofile() {
		$userId = $this->UserAuth->getUserId();
		$user = $this->User->read(null, $userId);
		$this->set('user', $user);
	}
	/**
	 * Used to edit profile on the site by user
	 *
	 * @access public
	 * @return void
	 */
	public function editProfile() {
		$userId = $this->UserAuth->getUserId();
		if (!empty($userId)) {
			$gender= $this->User->getGenderArray();
			$this->set('gender', $gender);
			$marital= $this->User->getMaritalArray();
			$this->set('marital', $marital);
			if ($this->request -> isPut() || $this->request -> isPost()) {
				$this->User->set($this->data);
				$this->UserDetail->set($this->data);
				if ($this->User->RegisterValidate() && $this->UserDetail->RegisterValidate()) {
					if(is_uploaded_file($this->request->data['UserDetail']['photo']['tmp_name']) && !empty($this->request->data['UserDetail']['photo']['tmp_name'])) {
						$path_info = pathinfo($this->request->data['UserDetail']['photo']['name']);
						chmod ($this->request->data['UserDetail']['photo']['tmp_name'], 0644);
						$photo=time().mt_rand().".".$path_info['extension'];
						$fullpath= WWW_ROOT."img".DS.IMG_DIR;
						$res1 = is_dir($fullpath);
						if($res1 != 1)
							$res2= mkdir($fullpath, 0777, true);
						move_uploaded_file($this->request->data['UserDetail']['photo']['tmp_name'],$fullpath.DS.$photo);
						$this->request->data['UserDetail']['photo']=$photo;
					} else {
						unset($this->request->data['UserDetail']['photo']);
					}
					if(!ALLOW_CHANGE_USERNAME) {
						unset($this->request->data['User']['username']);
					}
					$user =$this->User->getUserById($userId);
					if($user['User']['email'] != $this->request->data['User']['email']) {
						$this->request->data['User']['email_verified']=0;
						$user['User']['email']= $this->request->data['User']['email'];
						$this->User->sendVerificationMail($user);
						$this->Cookie->delete('UMPremiumCookie');
					}
					$this->User->saveAssociated($this->request->data);
					$this->Session->setFlash(__('Your profile has been successfully updated'));
					$this->redirect('/myprofile');
				}
			} else {
				$this->User->unbindModel(array('hasMany' => array('LoginToken'), 'belongsTo' => array('UserGroup')));
				$user = $this->User->read(null, $userId);
				$this->request->data=null;
				if (!empty($user)) {
					$user['User']['password']='';
					$this->request->data = $user;
				}
			}
		} else {
			$this->redirect('/myprofile');
		}
	}
	/**
	 * Used to logged in the site
	 *
	 * @access public
	 * @return void
	 */
	public function login($connect=null, $from=null) {
		$userId = $this->UserAuth->getUserId();
		if ($userId) {
			$this->redirect("/dashboard");
		}
		if($connect=='fb') {
			$this->Session->read();
			$this->layout=NULL;
			$fbData=$this->UserConnect->facebook_connect();
			if(isset($_GET['error'])) {
				/* Do nothing user canceled authentication */
			} elseif(!empty($fbData['loginUrl'])) {
				$this->redirect($fbData['loginUrl']);
			} else {
				$emailCheck=true;
				$user = $this->User->findByFbId($fbData['user_profile']['id']);
				if(empty($user)) {
					$user = $this->User->findByEmail($fbData['user_profile']['email']);
					$emailCheck=false;
				}
				if(empty($user)) {
					if(SITE_REGISTRATION) {
						$user['User']['fb_id']=$fbData['user_profile']['id'];
						$user['User']['fb_access_token']=$fbData['user_profile']['accessToken'];
						$user['User']['user_group_id']=DEFAULT_GROUP_ID;
						$user['User']['username']= $this->generateUserName($fbData['user_profile']['name']);
						$password = $this->UserAuth->generatePassword();
						$user['User']['password'] = $this->UserAuth->generatePassword($password);
						$user['User']['email']=$fbData['user_profile']['email'];
						$user['User']['first_name']=$fbData['user_profile']['first_name'];
						$user['User']['last_name']=$fbData['user_profile']['last_name'];
						$user['User']['active']=1;
						$user['User']['email_verified']=1;
						$userImageUrl = 'http://graph.facebook.com/'.$fbData['user_profile']['id'].'/picture?type=large';
						$photo = $this->updateProfilePic($userImageUrl);
						$user['UserDetail']['photo']=$photo;
						$user['UserDetail']['gender']=$fbData['user_profile']['gender'];
						$this->User->save($user,false);
						$userId=$this->User->getLastInsertID();
						$user['UserDetail']['user_id']=$userId;
						$this->UserDetail->save($user,false);
						$user = $this->User->findById($userId);
						$this->UserAuth->login($user);
						$this->Session->write('UserAuth.FacebookLogin', true);
						$this->Session->write('UserAuth.FacebookChangePass', true);
					} else {
						$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
					}
				} else {
					$login=false;
					if(!$emailCheck) {
						$user['User']['fb_id']=$fbData['user_profile']['id'];
						$user['User']['fb_access_token']=$fbData['user_profile']['accessToken'];
						$user['User']['email_verified']=1;
						$this->User->save($user,false);
						$login=true;
					} else if($user['User']['email_verified']==1) {
						$login=true;
					} else if($user['User']['email']==$fbData['user_profile']['email']) {
						$user['User']['email_verified']=1;
						$this->User->save($user,false);
						$login=true;
					}
					if($login) {
						$user = $this->User->findById($user['User']['id']);
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
						} else {
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.FacebookLogin', true);
						}
					} else {
						$this->Session->setFlash(__('Sorry your email is not verified yet'));
					}
				}
			}
			$this->render('popup');
		} elseif($connect=='twt') {
			$this->Session->read();
			$this->layout=NULL;
			$twtData=$this->UserConnect->twitter_connect();
			if(isset($_GET['denied'])) {
				$this->redirect('/login');
			} elseif(!isset($_GET['oauth_token'])) {
				$this->redirect($twtData['url']);
			} else {
				$twtId  = $twtData['user_profile']['id'];
				$user = $this->User->findByTwtId($twtId);
				if(empty($user)) {
					if(SITE_REGISTRATION) {
						$user['User']['twt_id']=$twtData['user_profile']['id'];
						$user['User']['twt_access_token']=$twtData['user_profile']['accessToken'];
						$user['User']['twt_access_secret']=$twtData['user_profile']['accessSecret'];
						$user['User']['user_group_id']=DEFAULT_GROUP_ID;
						$user['User']['username']= $this->generateUserName($twtData['user_profile']['screen_name']);
						$password = $this->UserAuth->generatePassword();
						$user['User']['password'] = $this->UserAuth->generatePassword($password);
						$name=preg_replace("/ /", "~", $twtData['user_profile']['name'], 1);
						$name= explode('~', $name);
						$user['User']['first_name']=$name[0];
						$user['User']['last_name']=(isset($name[1])) ? $name[1] : "";
						$user['User']['active']=1;
						$user['UserDetail']['location']=$twtData['user_profile']['location'];
						$userImageUrl = 'http://api.twitter.com/1/users/profile_image?screen_name='.$twtData['user_profile']['screen_name'].'&size=original';
						$photo = $this->updateProfilePic($userImageUrl);
						$user['UserDetail']['photo']=$photo;
						$this->User->save($user,false);
						$userId=$this->User->getLastInsertID();
						$user['UserDetail']['user_id']=$userId;
						$this->UserDetail->save($user,false);
						$user = $this->User->findById($userId);
						$this->UserAuth->login($user);
						$this->Session->write('UserAuth.TwitterChangePass', true);
						$this->redirect('/changePassword');
					} else {
						$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
						$this->redirect("/login");
					}
				} else {
					if ($user['User']['id'] != 1 and $user['User']['active']==0) {
						$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
						$this->redirect("/login");
					} else {
						$this->UserAuth->login($user);
						$OriginAfterLogin=$this->Session->read('Usermgmt.OriginAfterLogin');
						$this->Session->delete('Usermgmt.OriginAfterLogin');
						$redirect = (!empty($OriginAfterLogin)) ? $OriginAfterLogin : LOGIN_REDIRECT_URL;
						$this->redirect($redirect);
					}
				}
			}
			$this->render('popup');
		} elseif($connect=='gmail') {
			$this->Session->read();
			$this->layout=NULL;
			
			$gmailData=$this->UserConnect->gmail_connect();
			//die('gmailData');
			if(!isset($_GET['openid_mode'])) {
				$this->redirect($gmailData['url']);
			} else {
				if(!empty($gmailData)) {
					$user = $this->User->findByEmail($gmailData['email']);
					if(empty($user)) {
						if(SITE_REGISTRATION) {
							$user['User']['user_group_id']=DEFAULT_GROUP_ID;
							$user['User']['username']= $this->generateUserName($gmailData['name']);
							$password = $this->UserAuth->generatePassword();
							$user['User']['password'] = $this->UserAuth->generatePassword($password);
							$user['User']['first_name']=$gmailData['first_name'];
							$user['User']['last_name']=$gmailData['last_name'];
							$user['User']['email']=$gmailData['email'];
							$user['User']['active']=1;
							$user['User']['email_verified']=1;
							$user['UserDetail']['location']=$gmailData['location'];
							$this->User->save($user,false);
							$userId=$this->User->getLastInsertID();
							$user['UserDetail']['user_id']=$userId;
							$this->UserDetail->save($user,false);
							$user = $this->User->findById($userId);
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.GmailLogin', true);
							$this->Session->write('UserAuth.GmailChangePass', true);
						} else {
							$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
						}
					} else {
						if($user['User']['email_verified'] !=1) {
							$user['User']['email_verified']=1;
							$this->User->save($user,false);
						}
						$user = $this->User->findById($user['User']['id']);
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
						} else {
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.GmailLogin', true);
						}
					}
				}
			}
			$this->render('popup');
		} elseif($connect=='ldn') {
			$this->Session->read();
			$this->layout=NULL;
			$ldnData=$this->UserConnect->linkedin_connect();
			if(!$_GET[LINKEDIN::_GET_RESPONSE]) {
				$this->redirect($ldnData['url']);
			} else {
				$ldnData = json_decode(json_encode($ldnData['user_profile']),TRUE);
				if(!empty($ldnData)) {
					$user = $this->User->findByLdnId($ldnData['id']);
					if(empty($user)) {
						if(SITE_REGISTRATION) {
							$user['User']['ldn_id']=$ldnData['id'];
							$user['User']['user_group_id']=DEFAULT_GROUP_ID;
							$user['User']['username']= $this->generateUserName($ldnData['first-name']. ' '.$ldnData['last-name']);
							$password = $this->UserAuth->generatePassword();
							$user['User']['password'] = $this->UserAuth->generatePassword($password);
							$user['User']['first_name']=$ldnData['first-name'];
							$user['User']['last_name']=$ldnData['last-name'];
							$user['User']['active']=1;
							if(isset($ldnData['picture-url'])) {
								$photo = $this->updateProfilePic($ldnData['picture-url']);
								$user['UserDetail']['photo']=$photo;
							}
							$this->User->save($user,false);
							$userId=$this->User->getLastInsertID();
							$user['UserDetail']['user_id']=$userId;
							$this->UserDetail->save($user,false);
							$user = $this->User->findById($userId);
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.LinkedinLogin', true);
							$this->Session->write('UserAuth.LinkedinChangePass', true);
						} else {
							$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
						}
					} else {
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
						} else {
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.LinkedinLogin', true);
						}
					}
				}
			}
			$this->render('popup');
		} elseif($connect=='fs') {
			$this->Session->read();
			$this->layout=NULL;
			$fsData=$this->UserConnect->foursquare_connect();
			if(!isset($_GET['code']) && !isset($_GET['error']) && empty($_SESSION['fs_access_token'])) {
				$this->redirect($fsData['url']);
			} else {
				$fsData = json_decode(json_encode($fsData['user_profile']),TRUE);
				if(!empty($fsData) && isset($fsData['user']['contact']['email'])) {
					$user = $this->User->findByEmail($fsData['user']['contact']['email']);
					if(empty($user)) {
						if(SITE_REGISTRATION) {
							$user['User']['user_group_id']=DEFAULT_GROUP_ID;
							$user['User']['username']= $this->generateUserName($fsData['user']['firstName']. ' '.$fsData['user']['lastName']);
							$password = $this->UserAuth->generatePassword();
							$user['User']['password'] = $this->UserAuth->generatePassword($password);
							$user['User']['first_name']=$fsData['user']['firstName'];
							$user['User']['last_name']=$fsData['user']['lastName'];
							$user['User']['gender']=$fsData['user']['gender'];
							$user['User']['active']=1;
							$this->User->save($user,false);
							$userId=$this->User->getLastInsertID();
							$user = $this->User->findById($userId);
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.FoursquareLogin', true);
							$this->Session->write('UserAuth.FoursquareChangePass', true);
						} else {
							$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
							$this->redirect("/login");
						}
					} else {
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
							$this->redirect("/login");
						} else {
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.FoursquareLogin', true);
						}
					}
				}
			}
			$this->redirect('/login');
		} elseif($connect=='yahoo') {
			$this->Session->read();
			$this->layout=NULL;
			$yahooData=$this->UserConnect->yahoo_connect();
			if(!isset($_GET['openid_mode'])) {
				$this->redirect($yahooData['url']);
			} else {
				if(!empty($yahooData)) {
					$user = $this->User->findByEmail($yahooData['email']);
					if(empty($user)) {
						if(SITE_REGISTRATION) {
							$user['User']['user_group_id']=DEFAULT_GROUP_ID;
							$user['User']['username']= $this->generateUserName($yahooData['name']);
							$password = $this->UserAuth->generatePassword();
							$user['User']['password'] = $this->UserAuth->generatePassword($password);
							$user['User']['first_name']=$yahooData['first_name'];
							$user['User']['last_name']=$yahooData['last_name'];
							$user['User']['email']=$yahooData['email'];
							$user['User']['active']=1;
							$user['User']['email_verified']=1;
							$user['UserDetail']['gender']=$yahooData['gender'];
							$this->User->save($user,false);
							$userId=$this->User->getLastInsertID();
							$user['UserDetail']['user_id']=$userId;
							$this->UserDetail->save($user,false);
							$user = $this->User->findById($userId);
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.YahooLogin', true);
							$this->Session->write('UserAuth.YahooChangePass', true);
						} else {
							$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
						}
					} else {
						if($user['User']['email_verified'] !=1) {
							$user['User']['email_verified']=1;
							$this->User->save($user,false);
						}
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
						} else {
							$this->UserAuth->login($user);
							$this->Session->write('UserAuth.YahooLogin', true);
						}
					}
				}
			}
			$this->render('popup');
		} else {
			if ($this->request -> isPost()) {
				$this->User->set($this->data);
				if($this->User->LoginValidate()) {
					$email  = $this->data['User']['email'];
					$password = $this->data['User']['password'];
					$user = $this->User->findByUsername($email);
					if (empty($user)) {
						$user = $this->User->findByEmail($email);
						if (empty($user)) {
							$this->Session->setFlash(__('Incorrect Email/Username or Password'));
							return;
						}
					}
					$hashed = $this->UserAuth->makePassword($password, $user['User']['salt']);
					if ($user['User']['password'] === $hashed) {
						// check for inactive account
						if ($user['User']['id'] != 1 and $user['User']['active']==0) {
							$this->Session->setFlash(__('Sorry your account is not active, please contact to Administrator'));
							return;
						}
						// check for verified account
						if ($user['User']['id'] != 1 and $user['User']['email_verified']==0) {
							$this->Session->setFlash(__('Your email has not been confirmed please verify your email or contact to Administrator'));
							return;
						}
						$this->UserAuth->login($user);
						$remember = (!empty($this->data['User']['remember']));
						if ($remember) {
							$this->UserAuth->persist('2 weeks');
						}
						$OriginAfterLogin=$this->Session->read('Usermgmt.OriginAfterLogin');
						$this->Session->delete('Usermgmt.OriginAfterLogin');
						$redirect = (!empty($OriginAfterLogin)) ? $OriginAfterLogin : LOGIN_REDIRECT_URL;
						$this->redirect($redirect);
					} else {
						$this->Session->setFlash(__('Incorrect Email/Username or Password'));
						return;
					}
				}
			}
		}
	}
	/**
	 * Used to generate unique username
	 *
	 * @access private
	 * @return String
	 */
	private function generateUserName($name=null) {
		$username='';
		if(!empty($name)) {
			$username = str_replace(' ', '', strtolower($name));
			while ($this->User->findByUsername($username)) {
				$username = str_replace(' ', '', strtolower($name)) . '_' . rand(1000, 9999);
			}
		}
		return $username;
	}
	/**
	 * Used to logged out from the site
	 *
	 * @access public
	 * @return void
	 */
	public function logout($msg=true) {
		$this->UserAuth->logout();
		if($msg) {
			$this->Session->setFlash(__('You are successfully signed out'));
		}
		$this->redirect(LOGOUT_REDIRECT_URL);
	}
	/**
	 * Used to register on the site
	 *
	 * @access public
	 * @return void
	 */
	public function register() {
		$userId = $this->UserAuth->getUserId();
		if ($userId) {
			$this->redirect("/dashboard");
		}
		if (SITE_REGISTRATION) {
			$userGroups=$this->UserGroup->getGroupsForRegistration();
			$this->set('userGroups', $userGroups);
			if ($this->request -> isPost()) {
				if(USE_RECAPTCHA) {
					$this->request->data['User']['captcha']= (isset($this->request->data['recaptcha_response_field'])) ? $this->request->data['recaptcha_response_field'] : "";
				}
				$this->User->set($this->data);
				if ($this->User->RegisterValidate()) {
					if (!isset($this->data['User']['user_group_id'])) {
						$this->request->data['User']['user_group_id']=DEFAULT_GROUP_ID;
					} elseif (!$this->UserGroup->isAllowedForRegistration($this->data['User']['user_group_id'])) {
						$this->Session->setFlash(__('Please select correct register as'));
						return;
					}
					if (!EMAIL_VERIFICATION) {
						$this->request->data['User']['email_verified']=1;
					}
					$this->request->data['User']['active']=1;
					$salt = $this->UserAuth->makeSalt();
					$this->request->data['User']['salt']=$salt;
					$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password'], $salt);
					$this->User->save($this->request->data,false);
					$userId=$this->User->getLastInsertID();
					$user = $this->User->findById($userId);
					if (SEND_REGISTRATION_MAIL && !EMAIL_VERIFICATION) {
						$this->User->sendRegistrationMail($user);
					}
					if (EMAIL_VERIFICATION) {
						$this->User->sendVerificationMail($user);
					}
					if (isset($this->request->data['User']['active']) && $this->request->data['User']['active'] && !EMAIL_VERIFICATION) {
						$this->UserAuth->login($user);
						$this->redirect('/dashboard');
					} else {
						$this->Session->setFlash(__('Please check your mail and confirm your registration'));
						$this->redirect('/login');
					}
				}
			}
		} else {
			$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
			$this->redirect('/login');
		}
	}
	/**
	 * Used to change the password by user
	 *
	 * @access public
	 * @return void
	 */
	public function changePassword() {
		$userId = $this->UserAuth->getUserId();
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if(!empty($this->request->data['User']['emailVerifyCode']) && !empty($this->request->data['User']['email'])) {
				$tmpEmail = $this->TmpEmail->findByEmail($this->request->data['User']['email']);
				if(!empty($tmpEmail) && $tmpEmail['TmpEmail']['code']==$this->request->data['User']['emailVerifyCode']) {
					$this->User->unbindModel(array('hasMany' => array('LoginToken'), 'belongsTo' => array('UserGroup')));
					$user = $this->User->findById($userId);
					$this->User->unbindModel(array('hasMany' => array('LoginToken'), 'belongsTo' => array('UserGroup')));
					$userOld = $this->User->findByEmail($this->request->data['User']['email']);
					$success=0;
					if($this->Session->check('UserAuth.TwitterChangePass')) {
						$userOld['User']['twt_id']=$user['User']['twt_id'];
						$userOld['User']['twt_access_token']=$user['User']['twt_access_token'];
						$userOld['User']['twt_access_secret']=$user['User']['twt_access_secret'];
						if(empty($userOld['UserDetail']['photo'])) {
							$userOld['UserDetail']['photo'] = $user['UserDetail']['photo'];
						}
						if(empty($userOld['UserDetail']['location'])) {
							$userOld['UserDetail']['location'] = $user['UserDetail']['location'];
						}
						$this->Session->delete('UserAuth.EmailVerifyCode');
						$this->User->saveAssociated($userOld);
						$success=1;
					} elseif ($this->Session->check('UserAuth.LinkedinChangePass')) {
						$userOld['User']['ldn_id']=$user['User']['ldn_id'];
						if(empty($userOld['UserDetail']['photo'])) {
							$userOld['UserDetail']['photo'] = $user['UserDetail']['photo'];
						}
						$this->Session->delete('UserAuth.EmailVerifyCode');
						$this->User->saveAssociated($userOld);
						$success=1;
					}
					if($success) {
						$this->User->delete($userId, false);
						$this->UserDetail->delete($user['UserDetail']['id'], false);
						$this->TmpEmail->delete($tmpEmail['TmpEmail']['id'], false);
						$this->Session->delete('UserAuth.TwitterChangePass');
						$this->Session->delete('UserAuth.LinkedinChangePass');
						$this->UserAuth->login($userOld);
						$this->Session->setFlash(__('Your accounts were successfully merged'));
						$this->redirect('/dashboard');
					}
				} else {
					$this->Session->setFlash(__('Email verification code is incorrect, please try again'));
				}
			}
			if ($this->User->RegisterValidate()) {
				$this->User->id=$userId;
				$salt = $this->UserAuth->makeSalt();
				$this->request->data['User']['salt'] = $salt;
				$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password'], $salt);
				$this->User->save($this->request->data,false);
				$user =$this->User->getUserById($userId);
				if(!empty($this->request->data['User']['email'])) {
					$this->User->sendVerificationMail($user);
				}
				if(SEND_PASSWORD_CHANGE_MAIL) {
					$this->User->sendChangePasswordMail($user);
				}
				$this->Session->delete('UserAuth.FacebookChangePass');
				$this->Session->delete('UserAuth.TwitterChangePass');
				$this->Session->delete('UserAuth.GmailChangePass');
				$this->Session->delete('UserAuth.LinkedinChangePass');
				$this->Session->delete('UserAuth.FoursquareChangePass');
				$this->Session->delete('UserAuth.YahooChangePass');
				$this->Session->setFlash(__('Password changed successfully'));
				$this->redirect('/dashboard');
			} else {
				if(isset($this->data['verify']) && !empty($this->request->data['User']['email'])) {
					$emailSent=1;
					if($this->Session->check('UserAuth.EmailVerifyCode')) {
						$emailSent += $this->Session->read('UserAuth.EmailVerifyCode');
					}
					if($emailSent >2) {
						$this->Session->setFlash(__('Sorry we have sent already 2 emails for verification code'));
					} else {
						$code= rand(10000, 1000000);
						$tmpEmail = $this->TmpEmail->findByEmail($this->request->data['User']['email']);
						$tmpEmail['TmpEmail']['code']=$code;
						$tmpEmail['TmpEmail']['email']=$this->request->data['User']['email'];
						$this->TmpEmail->save($tmpEmail, false);
						$this->User->sendVerificationCode($userId, $tmpEmail['TmpEmail']['email'], $code);
						$this->Session->write('UserAuth.EmailVerifyCode', $emailSent);
						$this->Session->setFlash(__('We have sent you an email verification code'));
					}
				}
			}
		}
	}
	/**
	 * Used to change the user password by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function changeUserPassword($userId=null) {
		if (!empty($userId)) {
			if(!$this->User->isValidUserId($userId)) {
				$this->redirect('/allUsers');
			}
			$name=$this->User->getNameById($userId);
			$this->set('name', $name);
			if ($this->request -> isPost()) {
				$this->User->set($this->data);
				if($this->User->RegisterValidate()) {
					$this->User->id=$userId;
					$salt = $this->UserAuth->makeSalt();
					$this->request->data['User']['salt']= $salt;
					$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password'], $salt);
					$this->User->save($this->request->data,false);
					$this->LoginToken->deleteAll(array('LoginToken.user_id'=>$userId), false);
					$this->Session->setFlash(__('Password for %s changed successfully', $name));
					$this->redirect('/allUsers');
				}
			}
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to add user on the site by Admin
	 *
	 * @access public
	 * @return void
	 */
	public function addUser() {
		$userGroups=$this->UserGroup->getGroups();
		$this->set('userGroups', $userGroups);
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->RegisterValidate()) {
				$this->request->data['User']['active']=1;
				$this->request->data['User']['email_verified']=1;
				$this->request->data['User']['by_admin']=1;
				$salt = $this->UserAuth->makeSalt();
				$this->request->data['User']['salt']= $salt;
				$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password'], $salt);
				$this->User->save($this->request->data,false);
				$userId=$this->User->getLastInsertID();
				$this->request->data['UserDetail']['user_id']=$userId;
				$this->UserDetail->save($this->request->data,false);
				$this->Session->setFlash(__('The user is successfully added'));
				$this->redirect('/addUser');
			}
		}
	}
	/**
	 * Used to edit user on the site by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function editUser($userId=null) {
		if (!empty($userId)) {
			if(!$this->User->isValidUserId($userId)) {
				$this->redirect('/allUsers');
			}
			$userGroups=$this->UserGroup->getGroups();
			$this->set('userGroups', $userGroups);
			$gender= $this->User->getGenderArray();
			$this->set('gender', $gender);
			$marital= $this->User->getMaritalArray();
			$this->set('marital', $marital);
			if ($this->request -> isPut() || $this->request -> isPost()) {
				$this->User->set($this->data);
				$this->UserDetail->set($this->data);
				if ($this->User->RegisterValidate() && $this->UserDetail->RegisterValidate()) {
					if(is_uploaded_file($this->request->data['UserDetail']['photo']['tmp_name']) && !empty($this->request->data['UserDetail']['photo']['tmp_name']))
					{
						$path_info = pathinfo($this->request->data['UserDetail']['photo']['name']);
						chmod ($this->request->data['UserDetail']['photo']['tmp_name'], 0644);
						$photo=time().mt_rand().".".$path_info['extension'];
						$fullpath= ROOT.DS."app".DS."webroot".DS."img".DS.IMG_DIR;
						$res1 = is_dir($fullpath);
						if($res1 != 1)
							$res2= mkdir($fullpath, 0777, true);
						move_uploaded_file($this->request->data['UserDetail']['photo']['tmp_name'],$fullpath.DS.$photo);
						$this->request->data['UserDetail']['photo']=$photo;
					}
					else {
						unset($this->request->data['UserDetail']['photo']);
					}
					$this->User->saveAssociated($this->request->data);
					$this->Session->setFlash(__('The user is successfully updated'));
					$this->redirect('/allUsers');
				}
			} else {
				$this->User->unbindModel(array('hasMany' => array('LoginToken'), 'belongsTo' => array('UserGroup')));
				$user = $this->User->read(null, $userId);
				$this->request->data=null;
				if (!empty($user)) {
					$user['User']['password']='';
					$this->request->data = $user;
				}
			}
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to delete the user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function deleteUser($userId = null) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				if ($this->User->delete($userId, false)) {
					$this->UserDetail->deleteAll(array('UserDetail.user_id'=>$userId), false);
					$this->LoginToken->deleteAll(array('LoginToken.user_id'=>$userId), false);
					$this->UserActivity->updateAll(array('UserActivity.deleted'=>1), array('UserActivity.user_id'=>$userId));
					$this->Session->setFlash(__('User is successfully deleted'));
				}
			}
			$this->redirect('/allUsers');
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to delete the user by self
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function deleteAccount($userId = null) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				if(ALLOW_DELETE_ACCOUNT) {
					if ($this->User->delete($userId)) {
						$this->UserDetail->deleteAll(array('UserDetail.user_id'=>$userId), false);
						$this->LoginToken->deleteAll(array('LoginToken.user_id'=>$userId), false);
						$this->UserActivity->updateAll(array('UserActivity.deleted'=>1), array('UserActivity.user_id'=>$userId));
						$this->Session->setFlash(__('Your account is successfully deleted'));
						$this->logout(false);
					}
				}
			}
			$this->redirect('/dashboard');
		} else {
			$this->redirect('/dashboard');
		}
	}
	/**
	 * Used to logout the user by Admin
	 *
	 * @access public
	  * @param integer $userId user id of user
	 * @return void
	 */
	public function logoutUser($userId = null) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				$this->UserActivity->updateAll(array('UserActivity.logout'=>1), array('UserActivity.user_id'=>$userId));
				$this->Session->setFlash(__('User is successfully signed out'));
			}
			$this->redirect('/usersOnline');
		} else {
			$this->redirect('/usersOnline');
		}
	}
	/**
	 * Used to logout the user and make inactive by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function makeInactive($userId = null) {
		if ($this->request -> isPost()) {
			if (!empty($userId)) {
				$this->UserActivity->updateAll(array('UserActivity.logout'=>1), array('UserActivity.user_id'=>$userId));
				$this->User->updateAll(array('User.active'=>0), array('User.id'=>$userId));
				$this->Session->setFlash(__('User is successfully signed out and deactivated'));
			}
			$this->redirect('/usersOnline');
		} else {
			$this->redirect('/usersOnline');
		}
	}
	/**
	 * Used to show dashboard of the user
	 *
	 * @access public
	 * @return array
	 */
	public function dashboard() {
		$userId=$this->UserAuth->getUserId();
		$user = $this->User->findById($userId);
		$this->set('user', $user);
	}
	/**
	 * Used to activate or deactivate user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @param integer $active active or inactive
	 * @return void
	 */
	public function makeActiveInactive($userId = null, $active=0) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				$this->User->updateAll(array('User.active'=>$active), array('User.id'=>$userId));
				if($active) {
					$this->UserActivity->updateAll(array('UserActivity.logout'=>0), array('UserActivity.user_id'=>$userId));
					$this->Session->setFlash(__('User is successfully activated'));
				} else {
					$this->UserActivity->updateAll(array('UserActivity.logout'=>1), array('UserActivity.user_id'=>$userId));
					$this->Session->setFlash(__('User is successfully deactivated'));
				}
			}
		}
		$this->redirect('/allUsers');
	}
	/**
	 * Used to verify email of user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function verifyEmail($userId = null) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				$user=array();
				$user['User']['id']=$userId;
				$user['User']['email_verified']=1;
				$this->User->save($user,false);
				$this->Session->setFlash(__('User email is successfully verified'));
			}
		}
		$this->redirect('/allUsers');
	}
	/**
	 * Used to show access denied page if user want to view the page without permission
	 *
	 * @access public
	 * @return void
	 */
	public function accessDenied() {

	}
	/**
	 * Used to verify user's email address
	 *
	 * @access public
	 * @return void
	 */
	public function userVerification() {
		if (isset($_GET['ident']) && isset($_GET['activate'])) {
			$userId= $_GET['ident'];
			$activateKey= $_GET['activate'];
			$user = $this->User->read(null, $userId);
			if (!empty($user)) {
				if (!$user['User']['email_verified']) {
					$password = $user['User']['password'];
					$theKey = $this->User->getActivationKey($password);
					if ($activateKey==$theKey) {
						$user['User']['email_verified']=1;
						$res= $this->User->save($user,false);
						if (SEND_REGISTRATION_MAIL && EMAIL_VERIFICATION) {
							$this->User->sendRegistrationMail($user);
						}
						$this->Session->setFlash(__('Thank you, your account is activated now'));
					}
				} else {
					$this->Session->setFlash(__('Thank you, your account is already activated'));
				}
			} else {
				$this->Session->setFlash(__('Sorry something went wrong, please click on the link again'));
			}
		} else {
			$this->Session->setFlash(__('Sorry something went wrong, please click on the link again'));
		}
		$this->redirect('/login');
	}
	/**
	 * Used to send forgot password email to user
	 *
	 * @access public
	 * @return void
	 */
	public function forgotPassword() {
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->LoginValidate()) {
				$email  = $this->data['User']['email'];
				$user = $this->User->findByUsername($email);
				if (empty($user)) {
					$user = $this->User->findByEmail($email);
					if (empty($user)) {
						$this->Session->setFlash(__('Incorrect Email/Username or Password'));
						return;
					}
				}
				// check for unverified account
				if ($user['User']['id'] != 1 and $user['User']['email_verified']==0) {
					$this->Session->setFlash(__('Your registration has not been confirmed yet please verify your email before reset password'));
					return;
				}
				$this->User->sendForgotPasswordMail($user);
				$this->Session->setFlash(__('Please check your mail for reset your password'));
				$this->redirect('/login');
			}
		}
	}
	/**
	 * Used to send email verification mail to user
	 *
	 * @access public
	 * @return void
	 */
	public function emailVerification() {
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->LoginValidate()) {
				$email  = $this->data['User']['email'];
				$user = $this->User->findByUsername($email);
				if (empty($user)) {
					$user = $this->User->findByEmail($email);
					if (empty($user)) {
						$this->Session->setFlash(__('Incorrect Email/Username'));
						return;
					}
				}
				if($user['User']['email_verified']==0) {
					$this->User->sendVerificationMail($user);
					$this->Session->setFlash(__('Please check your mail to verify your email'));
				} else {
					$this->Session->setFlash(__('Your email is already verified'));
				}
				$this->redirect('/login');
			}
		}
	}
	/**
	 *  Used to reset password when user comes on the by clicking the password reset link from their email.
	 *
	 * @access public
	 * @return void
	 */
	public function activatePassword() {
		if ($this->request -> isPost()) {
			if (!empty($this->data['User']['ident']) && !empty($this->data['User']['activate'])) {
				$this->set('ident',$this->data['User']['ident']);
				$this->set('activate',$this->data['User']['activate']);
				$this->User->set($this->data);
				if ($this->User->RegisterValidate()) {
					$userId= $this->data['User']['ident'];
					$activateKey= $this->data['User']['activate'];
					$user = $this->User->read(null, $userId);
					if (!empty($user)) {
						$password = $user['User']['password'];
						$thekey =$this->User->getActivationKey($password);
						if ($thekey==$activateKey) {
							$user['User']['password']=$this->data['User']['password'];
							$salt = $this->UserAuth->makeSalt();
							$user['User']['salt']= $salt;
							$user['User']['password'] = $this->UserAuth->makePassword($user['User']['password'], $salt);
							$this->User->save($user,false);
							$this->Session->setFlash(__('Your password has been reset successfully'));
							$this->redirect('/login');
						} else {
							$this->Session->setFlash(__('Something went wrong, please send password reset link again'));
						}
					} else {
						$this->Session->setFlash(__('Something went wrong, please click again on the link in email'));
					}
				}
			} else {
				$this->Session->setFlash(__('Something went wrong, please click again on the link in email'));
			}
		} else {
			if (isset($_GET['ident']) && isset($_GET['activate'])) {
				$this->set('ident',$_GET['ident']);
				$this->set('activate',$_GET['activate']);
			}
		}
	}
	/**
	 *  Used to update profile pic from given url
	 *
	 * @access private
	 * @param integer $file_location url of pic
	 * @return String
	 */
	private function updateProfilePic($file_location) {
		$fullpath= WWW_ROOT."tmp";
		$res1 = is_dir($fullpath);
		if($res1 != 1) {
			$res2= mkdir($fullpath, 0777, true);
		}
		$imgContent = file_get_contents($file_location);
		$photo=time().mt_rand().".jpg";
		$tempfile=$fullpath.DS.$photo;
		$fp = fopen($tempfile, "w");
		fwrite($fp, $imgContent);
		fclose($fp);
		$fullimagepath= WWW_ROOT."img".DS.IMG_DIR;
		rename($tempfile, $fullimagepath.DS.$photo);
		return $photo;
	}
	/**
	 *  Used to delete cache of cakephp on production
	 *
	 * @access public
	 * @return void
	 */
	public function deleteCache() {
		$iterator = new RecursiveDirectoryIterator(CACHE);
		foreach (new RecursiveIteratorIterator($iterator, RecursiveIteratorIterator::CHILD_FIRST) as $file) {
			$path_info = pathinfo($file);
			if($path_info['dirname']==CACHE."models"  && $path_info['basename']!='.svn') {
				unlink($file->getPathname());
			}
			if($path_info['dirname']==CACHE."persistent"  && $path_info['basename']!='.svn') {
				unlink($file->getPathname());
			}
			if($path_info['dirname']==TMP."cache" && $path_info['basename']!='.svn') {
				if(!is_dir($file->getPathname())) {
					unlink($file->getPathname());
				}
			}
		}
		$this->Session->setFlash('Cache has been deleted successfully');
		$this->redirect('/dashboard');
	}
}
